快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 355518
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-66546 |
Nextcloud Calendar app allowed booking appointments without the generated token
|
LOW | 3.3 | 2025-12-05 |
nextcloud security-advisories
nextcloud security-advisories
+3个
|
CVE NVD | |
| CVE-2025-66511 |
Nextcloud Calendar app used predictable proposal participant tokens
|
MEDIUM | 4.8 | 2025-12-05 |
nextcloud security-advisories
nextcloud calendar
|
CVE NVD | |
| CVE-2025-66552 |
Nextcloud Server admin_audit does not log all actions on files in groupfolders
|
MEDIUM | 4.3 | 2025-12-05 |
nextcloud security-advisories
nextcloud security-advisories
+1个
|
CVE NVD | |
| CVE-2024-9183 |
Time-of-check Time-of-use (TOCTOU) Race Condition in GitLab
|
HIGH | 7.7 | 2025-12-05 |
GitLab GitLab
gitlab gitlab
|
CVE NVD | |
| CVE-2025-66547 |
Nextcloud Server users can modify tags on files that do not belong to them
|
MEDIUM | 4.3 | 2025-12-05 |
nextcloud security-advisories
nextcloud nextcloud_server
|
CVE NVD | |
| CVE-2025-14093 |
Edimax BR-6478AC V3 formTracerouteDiagnosticRun sub_416990 os command injection
|
MEDIUM | 5.1 | 2025-12-05 |
Edimax BR-6478AC V3
edimax br-6478ac_v3_firmware
|
CVE NVD | |
| CVE-2025-66512 |
Nextcloud Server vulnerable to XSS in SVG images when opened outside of Nextcloud
|
MEDIUM | 5.4 | 2025-12-05 |
nextcloud security-advisories
nextcloud security-advisories
+1个
|
CVE NVD | |
| CVE-2025-14104 |
Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames
|
MEDIUM | 6.1 | 2025-12-05 |
util-linux util-linux
Red Hat Red Hat Enterprise Linux 10
+5个
|
CVE NVD | |
| CVE-2025-66510 |
Nextcloud Server Contacts Search allowed users to retrieve contact information of other users beyond their contact list
|
MEDIUM | 4.5 | 2025-12-05 |
nextcloud security-advisories
nextcloud security-advisories
+1个
|
CVE NVD | |
| CVE-2025-65036 |
XWiki Remote Macros vulnerable to remote code execution using the confluence details summary macro
|
HIGH | 8.3 | 2025-12-05 |
xwikisas xwiki-pro-macros
|
CVE NVD | |
| CVE-2025-66471 |
urllib3 Streaming API improperly handles highly compressed data
|
HIGH | 8.9 | 2025-12-05 |
urllib3 urllib3
python urllib3
|
CVE NVD | |
| CVE-2025-66418 |
urllib3 安全漏洞
|
HIGH | 8.9 | 2025-12-05 |
urllib3 urllib3
python urllib3
|
CVE NVD +1 | |
| CVE-2025-14092 |
Edimax BR-6478AC V3 formDebugDiagnosticRun sub_416898 os command injection
|
MEDIUM | 5.1 | 2025-12-05 |
Edimax BR-6478AC V3
edimax br-6478ac_v3_firmware
|
CVE NVD | |
| CVE-2025-14091 |
TrippWasTaken PHP-Guitar-Shop Product Details product.php sql injection
|
MEDIUM | 6.9 | 2025-12-05 |
TrippWasTaken PHP-Guitar-Shop
|
CVE NVD | |
| CVE-2025-14090 |
AMTT Hotel Broadband Operation System cardmake_down.php sql injection
|
MEDIUM | 5.1 | 2025-12-05 |
AMTT Hotel Broadband Operation System
amttgroup hibos
|
CVE NVD | |
| CVE-2025-14089 |
Himool ERP AdminActionViewSet update_account improper authorization
|
MEDIUM | 5.3 | 2025-12-05 |
Himool ERP
Himool ERP
+1个
|
CVE NVD | |
| CVE-2025-14088 |
ketr JEPaaS load improper authorization
|
MEDIUM | 5.3 | 2025-12-05 |
ketr JEPaaS
ketr JEPaaS
+7个
|
CVE NVD | |
| CVE-2025-14086 |
youlaitech youlai-mall openid access control
|
MEDIUM | 5.3 | 2025-12-05 |
youlaitech youlai-mall
youlaitech youlai-mall
+2个
|
CVE NVD | |
| CVE-2025-14085 |
youlaitech youlai-mall orders improper control of dynamically-identified variables
|
MEDIUM | 5.3 | 2025-12-05 |
youlaitech youlai-mall
youlaitech youlai-mall
+2个
|
CVE NVD | |
| CVE-2025-58098 |
Apache HTTP Server 安全漏洞
|
HIGH | 8.3 | 2025-12-05 |
Apache Software Foundation Apache HTTP Server
apache http_server
|
CVE NVD +1 |